Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 19-06-2016 Uruchomiony przez user (administrator) LAPTOP (20-06-2016 11:00:01) Uruchomiony z C:\Documents and Settings\user\Pulpit Załadowane profile: user (Dostępne profile: user) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 8 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (Agere Systems) C:\Program Files\LSI SoftModem\agrsmsvc.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe () C:\Program Files\USB TV\EM28XX\BDARemote.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [888832 2008-07-25] (Analog Devices, Inc.) HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [288312 2009-07-27] ( Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-29] (Synaptics Incorporated) HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [38112 2012-12-18] (Adobe Systems Incorporated) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [7405752 2006-01-01] (AVAST Software) HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1044480 2009-07-20] (Analog Devices, Inc.) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [19557480 2010-07-28] (Realtek Semiconductor Corp.) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11] (ATI Technologies Inc.) HKU\S-1-5-21-746137067-1390067357-839522115-1003\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company) HKU\S-1-5-21-746137067-1390067357-839522115-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-746137067-1390067357-839522115-1003\...\Run: [TomTomHOME.exe] => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s HKU\S-1-5-21-746137067-1390067357-839522115-1003\...\Run: [NBJ] => C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [1961984 2005-07-14] (Ahead Software AG) HKU\S-1-5-21-746137067-1390067357-839522115-1003\...\Run: [RGSC] => D:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent HKU\S-1-5-21-746137067-1390067357-839522115-1003\...\MountPoints2: {29fe55f8-3aca-11e2-b2f8-18a90599487c} - G:\urDrive.exe HKU\S-1-5-21-746137067-1390067357-839522115-1003\...\MountPoints2: {8e82c340-60ce-11e2-81e1-806d6172696f} - G:\Starter.exe HKU\S-1-5-21-746137067-1390067357-839522115-1003\...\MountPoints2: {b591830d-5999-11e1-b0e8-18a90599487c} - G:\Nokia_Ovi_Suite_3_0_0_291_ALL.exe HKU\S-1-5-21-746137067-1390067357-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> none HKU\S-1-5-18\...\Run: [Google Update] => C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [116648 2015-06-05] (Google Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2016-05-09] (AVAST Software) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BDARemote.lnk [2016-03-18] ShortcutTarget: BDARemote.lnk -> C:\Program Files\USB TV\EM28XX\BDARemote.exe () ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{BF84CC1D-E177-4FAB-908C-917E5048CEB4}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{D943668F-A2C8-4361-BB91-81E8F556EAE8}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKU\S-1-5-21-746137067-1390067357-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie SearchScopes: HKU\S-1-5-21-746137067-1390067357-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2016-04-19] (AVAST Software) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2009-10-09] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\gh61ncx7.default-1463244470296 FF Homepage: hxxp://poczta.fm/ FF Session Restore: -> [funkcja włączona] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=3 -> C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2015-06-05] (Google Inc.) FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=9 -> C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2015-06-05] (Google Inc.) FF Extension: Flashblock - C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\gh61ncx7.default-1463244470296\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-05-14] FF Extension: Disable youtube html5 player - C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\gh61ncx7.default-1463244470296\Extensions\@disableyoutubehtml5player.xpi [2016-05-14] FF Extension: Adblock Plus - C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\gh61ncx7.default-1463244470296\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-14] FF Extension: YouTube Flash Video Player - C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\gh61ncx7.default-1463244470296\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-06-18] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2016-05-09] Chrome: ======= CHR HKLM\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100352 2008-04-14] (Microsoft Corporation) S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-12-21] (Adobe Systems) [Brak podpisu cyfrowego] R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2008-08-26] (Agere Systems) R2 Ati External Event Utility; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [Brak podpisu cyfrowego] S2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [Brak podpisu cyfrowego] S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] () [Brak podpisu cyfrowego] R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [243296 2016-05-09] (AVAST Software) S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-06] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-06] (Dropbox, Inc.) R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [Brak podpisu cyfrowego] R2 yksvc; C:\WINDOWS\System32\yk51x86.dll [282624 2009-06-04] (Marvell) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 5U876UVC; C:\WINDOWS\System32\DRIVERS\5U876.sys [118656 2009-06-30] (Ricoh co.,Ltd.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [32792 2016-05-09] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-05-09] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [91168 2016-05-09] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2016-05-09] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [58776 2016-05-09] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [815792 2016-05-09] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449640 2016-05-09] (AVAST Software) R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [187208 2016-05-09] (AVAST Software) S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [67216 2016-05-09] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [221368 2016-05-09] (AVAST Software) R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [Brak podpisu cyfrowego] R3 ATIAVAIW; C:\WINDOWS\System32\DRIVERS\atinavt2.sys [170496 2009-02-04] (ATI Technologies Inc.) [Brak podpisu cyfrowego] S3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1735296 2010-01-13] (Broadcom Corporation) S3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [534568 2009-01-14] (Broadcom Corporation.) R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [37160 2009-01-14] (Broadcom Corporation.) R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [991656 2009-01-14] (Broadcom Corporation.) S3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [156816 2009-01-14] (Broadcom Corporation.) S3 btwmodem; C:\WINDOWS\System32\DRIVERS\btwmodem.sys [37032 2009-01-14] (Broadcom Corporation.) S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [47272 2009-01-14] (Broadcom Corporation.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R0 imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [5504 2004-03-02] (Ahead Software AG) [Brak podpisu cyfrowego] R0 imagesrv; C:\WINDOWS\System32\DRIVERS\imagesrv.sys [125184 2004-03-02] (Ahead Software AG) [Brak podpisu cyfrowego] S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) S3 R300; C:\WINDOWS\System32\DRIVERS\atikmdag.sys [2377728 2007-02-10] (ATI Technologies Inc.) [Brak podpisu cyfrowego] R3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [2811536 2014-07-04] (MediaTek Inc.) S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation) R0 SFAUDIO; C:\WINDOWS\System32\drivers\sfaudio.sys [24064 2008-03-28] (Sonic Focus, Inc) R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [466008 2013-01-17] (Duplex Secure Ltd.) R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [225664 2008-04-14] (Microsoft Corporation) R3 WmBEnum; C:\WINDOWS\System32\drivers\WmBEnum.sys [10144 2003-05-14] (Logitech Inc.) S3 WmFilter; C:\WINDOWS\System32\drivers\WmFilter.sys [21216 2003-05-14] (Logitech Inc.) S3 WmHidLo; C:\WINDOWS\System32\drivers\WmHidLo.sys [13920 2003-05-14] (Logitech Inc.) S3 WmVirHid; C:\WINDOWS\System32\drivers\WmVirHid.sys [5728 2003-05-14] (Logitech Inc.) R3 WmXlCore; C:\WINDOWS\System32\drivers\WmXlCore.sys [44288 2003-05-14] (Logitech Inc.) S3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [297728 2009-06-04] (Marvell) S4 IntelIde; Brak ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) S2 Scutum50; System32\Drivers\Scutum50.sys [X] U1 WS2IFSL; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-06-20 11:00 - 2016-06-20 11:00 - 00017880 _____ C:\Documents and Settings\user\Pulpit\FRST.txt 2016-06-20 10:59 - 2016-06-20 10:59 - 00000000 ____D C:\Documents and Settings\user\Pulpit\FRST-OlderVersion 2016-06-13 23:00 - 2016-06-15 16:00 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-05-23 23:29 - 2016-05-22 17:02 - 00032256 _____ C:\Documents and Settings\user\Pulpit\Kopia KOSZTORYS 2,.xls 2016-05-23 23:15 - 2016-05-23 23:15 - 01062020 _____ C:\Documents and Settings\user\Pulpit\1-s2.0-S0300483X11002393-main.pdf 2016-05-22 17:02 - 2016-05-22 17:02 - 00032256 _____ C:\Documents and Settings\user\Pulpit\KOSZTORYS 2,.xls ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-06-20 11:00 - 2014-05-20 21:02 - 00000000 ____D C:\FRST 2016-06-20 11:00 - 2010-01-13 13:18 - 00000000 ____D C:\Documents and Settings\user\Ustawienia lokalne\Temp 2016-06-20 11:00 - 2010-01-13 13:18 - 00000000 ____D C:\Documents and Settings\user\Pulpit 2016-06-20 10:59 - 2006-01-01 10:36 - 01737728 _____ (Farbar) C:\Documents and Settings\user\Pulpit\FRST.exe 2016-06-20 10:42 - 2015-07-06 23:46 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-06-20 10:40 - 2012-07-02 22:31 - 00000366 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job 2016-06-20 10:34 - 2016-01-06 19:09 - 00001136 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-06-20 10:10 - 2011-04-18 22:20 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-20 10:09 - 2010-01-13 13:18 - 00000000 ___HD C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji 2016-06-20 10:08 - 2016-02-22 12:50 - 00000524 _____ C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1456138207.job 2016-06-20 10:08 - 2016-01-06 19:09 - 00001132 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-06-20 10:08 - 2011-04-18 22:20 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-20 10:08 - 2010-01-13 13:17 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-06-19 23:55 - 2010-01-13 13:18 - 00000188 ___SH C:\Documents and Settings\user\ntuser.ini 2016-06-19 23:55 - 2010-01-13 13:17 - 00032504 _____ C:\WINDOWS\SchedLgU.Txt 2016-06-19 23:12 - 2001-10-26 20:15 - 00490628 _____ C:\WINDOWS\system32\perfh015.dat 2016-06-19 23:12 - 2001-10-26 20:15 - 00083880 _____ C:\WINDOWS\system32\perfc015.dat 2016-06-19 23:11 - 2010-01-13 14:03 - 01087636 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-06-19 23:10 - 2001-07-22 02:17 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2016-06-19 23:03 - 2015-06-05 08:58 - 00001152 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job 2016-06-17 09:42 - 2016-04-08 20:42 - 09717952 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe 2016-06-17 09:42 - 2015-07-06 23:46 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2016-06-17 09:42 - 2015-07-06 23:46 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2016-06-17 09:03 - 2015-06-05 08:58 - 00001100 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job 2016-06-16 09:08 - 2015-11-13 14:23 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-06-15 18:54 - 2010-01-13 14:02 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2016-05-26 18:40 - 2010-01-15 21:37 - 00000095 _____ C:\WINDOWS\winamp.ini ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-09-16 23:03 - 2015-09-16 23:03 - 0000000 _____ () C:\Program Files\GUM6F.tmp 2010-01-13 14:16 - 2010-01-13 14:16 - 0000000 _____ () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\AtStart.txt 2010-01-15 22:28 - 2014-10-08 21:48 - 0016896 _____ () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-01-13 14:16 - 2010-01-13 14:16 - 0000000 _____ () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DSwitch.txt 2010-01-18 00:34 - 2014-10-05 16:55 - 0000000 _____ () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\FnF4.txt 2010-01-13 14:16 - 2010-01-13 14:16 - 0000000 _____ () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\QSwitch.txt 2014-04-15 18:13 - 2014-04-26 11:26 - 0005899 _____ () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\unins000.dat 2014-04-26 11:26 - 2014-04-26 11:26 - 0707504 _____ () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\unins000.exe 2014-04-15 18:13 - 2014-04-26 11:26 - 0011761 _____ () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\unins000.msg Niektóre pliki w TEMP: ==================== C:\Documents and Settings\user\Ustawienia lokalne\Temp\{8068606E-1BB1-4E01-AEEA-5E711BD1C032}-DropboxClient_3.16.1.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\{B161B76C-48A2-4816-8EE6-2B297A9F5AEC}-DropboxClient_3.20.1.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================